by Paul Rosenzweig | Mar 3, 2014 | Cybersecurity
The Russia-Ukraine conflict is quickly becoming a textbook example of low-grade cyber tactics that will likely occur in almost all future conflicts. It has yet to, thankfully, graduate to a full-scale cyber assault, but we are seeing a number of…
by Paul Rosenzweig | Feb 22, 2014 | Cybersecurity
I was in Starbucks the other day and the man behind me was a DC Metropolitan Police Officer. As we waited, he and I had a pleasant conversation (I learned, for example, that he likes two pumps of creme brulee in his coffee). One thing, however,…
by Paul Rosenzweig | Feb 11, 2014 | Cybersecurity
The NIST Cybersecurity Framework has been released. It is accompanied by a Roadmap which is intended to be a work plan for future efforts on issues (like authentication) that require further study and work. At first glance the Roadmap looks quite…
by Paul Rosenzweig | Jan 23, 2014 | Cybersecurity
If you ask many of the folks on the front line of cybersecurity for our critical infrastructure they will tell you that a large-scale attack is very unlikely to succeed. They will all acknowledge, as they must, that legacy control systems are…
by Paul Rosenzweig | Jan 21, 2014 | Cybersecurity
CrowdStrike, a US-based cybersecurity company, has just released its annual Global Threat Report 2013. For those who follow the area, the report reflects some interesting (and disturbing) trends in malicious activity. Most notable:The increased use…
by Paul Rosenzweig | Dec 12, 2013 | Cybersecurity
My friend Stewart Baker has likened the privacy requirements of the draft NIST framework to a “privacy tax.” His fear, which has sound economic force, is that the imposition of privacy protective requirements on cybersecurity efforts will drive up…
